0 Replies Latest reply on Apr 24, 2012 5:22 PM by 932891

    Solaris DHCP server blocks DHCP client after client reboots

      Sorry if this is a bit long, but it's a strange issue that needs some detail to explain and to be clear.

      I have a single Solaris 11 x86 server doing several things (DHCP, Dovecot, Apache, MySQL, Samba, OpenVPN, sendmail). DHCP is doing something strange. Here are the specifics...

      I have configured the Solaris DHCP server as follows:
      a) Configured to give out 8 client IPs
      b) 6 IPs are reserved (a Client ID is specified and the Reserved check box is ticked)
      c) Remaining 2 IPs are not reserved (Client ID is 00 and the Reserved check box is unticked)
      d) All IPs are dynamic assignment for 1 week

      (Unrelated, but just as an FYI, I chose to use reserved IPs as I don't allow DHCP to update DNS, so I wanted my clients to always be assigned the same IP via DHCP.)

      The very first time a new client powers on it is assigned its reserved IP address by the DHCP server. The client is able to communicate with the server (for http, email, DB, smb, etc) without any problems. The client stays powered on 24/7, and when the 1 week DHCP lease expires, the client renews the lease (and is given the same reserved IP), no problems. Everything is fine, and can continue this way indefinitely.

      The problem occurs when the client is powered off for a few minutes then powered on again.

      Upon powering back on, the client requests an IP address, the DHCP server assigns the client its reserved IP address, and from that point onward, the server blocks all incoming network traffic from that client - absolutely everything is blocked. I have snooped whilst doing all sorts of direct and broadcast network tests (TPC, UDP and ICMP) from the client and the server sees none of it.

      To get the client's traffic through to the server again I can do either of the following:
      a) Reboot the server (a bit drastic)
      b) From the client, release the IP address, then renew the IP address (effectively restarting the 1 week IP lease)

      This problem only occurs when a client requests an IP address whilst a previous 1 week lease exists and is still active for the same client. If a client has never had a lease, or a previous 1 week lease has expired, then the client is assigned its reserved IP address and communicates with the server without a problem.

      In the tests I've done, I've been able to replicate this problem with Windows, MacOS and Solaris clients.

      Does the DHCP server think that the client is an imposter because it is requesting an IP address when it's already been assigned one?
      Is there some sort of security switched on by the DHCP server that's causing this?
      As you can probably tell, I'm totally stumped by this behaviour.

      Any ideas or assistance would be appreciated.